package com.zzx.security;

import java.util.Comparator;
import java.util.Enumeration;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.util.StringUtils;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.zzx.util.RSAsignature;

public class Interceptor extends HandlerInterceptorAdapter{
	
	private String publicKey;
	
	private String pk = "30820122300d06092a864886f70d01010105000382010f003082010a0282010100e0cc3c3541a6a9693c35f44249f6aee5bf2798ebb4553beb14d99ea9c182429d326bfeb7b950dce668b1b3da1cc684c90445b5f25d0c702a3f2711d1b72659ff56538d686e204d34393dfcb1c64026de8c46a46734399141f2099765b6d2ac7a756fa6e6e0f2c67e8edde7b4f15b8f871300a5f4623321564c7813efe977fe6178c019470cae94aa858e027f3ed078f2285545006d6ff994be6b5e028e83d170b671cd1cec9d1d4ea19cb916bc2f0761f9f0a9a1d4e1599a9e0dc76c75edd04b2a7e0aa4d48600afa0406e6b48b6455038b4eb411e8243f8e46f2861f9ea21d88521b9f41938f5629fd242990b4be7a15f4825bb3c723ba5e60c0ca67d401c5d0203010001";
	
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {
		String uri = request.getRequestURI().replace(request.getContextPath(), "");
		if (uri.indexOf(";jsessionid") != -1) {
			uri = uri.substring(0, uri.indexOf(";jsessionid"));
		}
		if (uri.indexOf(";JSESSIONID") != -1) {
			uri = uri.substring(0, uri.indexOf(";JSESSIONID"));
		}
		System.out.println("*****进入拦截器*****************");
		
		
		//HttpServletRequest request=(HttpServletRequest) req;
	    //HttpServletResponse response=(HttpServletResponse) res;
	    if(StringUtils.isEmpty(publicKey)){
	    	publicKey=pk;
	    }
	    if(StringUtils.isEmpty(publicKey)){
	    	System.out.println("*******不处理");
		    return true;
	    }
	    //验签
	    Enumeration<String> parameterNames = request.getParameterNames();
	    Map<String, String> dataMap = new TreeMap<String, String>(
                new Comparator<String>() {
                    public int compare(String obj1, String obj2) {
                        // 降序排序
                        return obj2.compareTo(obj1);
                    }
                });
	    while (parameterNames.hasMoreElements()) {
			String key = (String) parameterNames.nextElement();
			if(!"sign".equals(key)){
				dataMap.put(key, request.getParameter(key));
			}
		}
	    StringBuilder sb=new StringBuilder();
	    Set<String> sets = dataMap.keySet();
	    if(sets.size()<=0){
	    	//没参数，就放开了。不处理加密了
	    	System.out.println("*******不处理");
		    return true;
	    }
	    for(String e:sets){
	    	sb.append(e+"="+dataMap.get(e)+"&");
	    }
	    String sign = request.getParameter("sign");
	    String verfiyStr=sb.toString();
	    verfiyStr=verfiyStr.substring(0, verfiyStr.length()-2);
	    if(StringUtils.isEmpty(sign)){
	    	//没传签名
	    	System.out.println("*******没传签名***********************");
		   // return false;
	    }
	    boolean verify = false;
		try {
			verify = RSAsignature.verify(verfiyStr, verfiyStr.getBytes(), sign);
		} catch (Exception e1) {
			// TODO Auto-generated catch block
			//e1.printStackTrace();
		}
	    if(!verify){
	    	//签名不正确
	    	System.out.println("*******签名不正确***********************");
	    	//return false;
	    }
	    	    
		return true;
	}
	
	
	
}
